﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;

namespace LiteExpress.Utilities
{
    public class ValidateHelper
    {
        private static Regex rgx_email = new Regex(@"^[\w\.-]+@([\w-]+\.)+[a-zA-Z]{2,4}$", RegexOptions.IgnoreCase| RegexOptions.Compiled);

        /// <summary>
        /// 验证输入的字符串是否为邮件格式
        /// </summary>
        public static bool IsEmail(string instr)
        {
            return rgx_email.IsMatch(instr);
        }

        private static Regex rgx_mobile = new Regex(@"^1\d{10}$", RegexOptions.IgnoreCase | RegexOptions.Compiled);

        /// <summary>
        /// 验证输入的字符串是否为手机号
        /// </summary>
        public static bool IsMobile(string instr)
        {
            return rgx_mobile.IsMatch(instr);
        }

        private static Regex rgx_post = new Regex(@"^\d{6}$", RegexOptions.IgnoreCase | RegexOptions.Compiled);

        /// <summary>
        /// 验证输入的字符串是否为邮编
        /// </summary>        
        public static bool IsPostalCode(string instr)
        {
            return rgx_post.IsMatch(instr);
        }

        private static Regex rgx_tel = new Regex(@"^\d{3,5}-\d{7,8}(-\d{1,5})?$", RegexOptions.IgnoreCase | RegexOptions.Compiled);

        /// <summary>
        /// 验证输入的字符串是否为电话格式，区号-号码-分机
        /// </summary>        
        public static bool IsPhone(string instr)
        {
            return rgx_tel.IsMatch(instr);
        }

        private static Regex rgx_ip = new Regex(@"^((2[0-4]\d|25[0-5]|[01]?\d\d?)\.){3}(2[0-4]\d|25[0-5]|[01]?\d\d?)$", RegexOptions.Compiled);

        /// <summary>
        /// 验证输入是否为ip地址
        /// </summary>        
        public static bool IsIP(string input)
        {
            return rgx_ip.IsMatch(input);
        }

        /// <summary>
        /// 验证输入的字符串是否存在不安全的sql关键字
        /// </summary>
        /// <param name="instr">要过滤的字符串</param>
        /// <returns>如果参数存在不安全字符，则返回true</returns>
        public static bool ValidSQLfilter(string instr)
        {
			string word = "and|exec|insert|select|delete|update|chr|mid|master|or|truncate|char|declare|join|%|&|*|#|@|=|select|set|chr(10)|chr(13)|chr(34)|chr(39)|\'|\"|;|>|<|-";
			
            if (instr == null)
			{
                return false;
			}

			foreach (string i in word.Split('|'))
			{
                if ((instr.ToLower().IndexOf(i + " ") > -1) || (instr.ToLower().IndexOf(" " + i) > -1))
				{
					return true;
				}
			}
            return false;
        }

        /// <summary>
        /// 验证并过滤输入的字符串中存在的不安全的sql关键字
        /// </summary>
        /// <param name="instr">要过滤的字符串</param>
        /// <returns>返回过滤后的字符串</returns>
        public static string LeachSQLfilter(string instr)
        {
            string word = "and|exec|insert|select|delete|update|chr|mid|master|or|truncate|char|declare|join|%|&|*|#|@|=|select|set|chr(10)|chr(13)|chr(34)|chr(39)|\'|\"|;|>|<|-";
            foreach (string i in word.Split('|'))
            {
                if ((instr.ToLower().IndexOf(i + " ") > -1) || (instr.ToLower().IndexOf(" " + i) > -1))
                {
                    instr = instr.Replace(i,"");
                }
            }
            return instr;
        }

        /// <summary>
        /// 验证输入的字符串是否存在不安全的特殊字符
        /// </summary>
        /// <param name="instr">要过滤的字符串</param>
        /// <returns>如果参数存在特殊字符，则返回true</returns>
        public static bool ValidSqlFilterForSpecialChar(string instr)
        {
            string word = "%|&|*|#|@|=|\'|\"|;|>|<|-";

            if (instr == null)
            {
                return false;
            }

            foreach (string i in word.Split('|'))
            {
                if ((instr.ToLower().IndexOf(i + " ") > -1) || (instr.ToLower().IndexOf(" " + i) > -1) || (instr.ToLower().IndexOf(i) > -1))
                {
                    return true;
                }
            }
            return false;
        }

        /// <summary>
        /// 验证并过滤输入的字符串中存在的不安全的特殊字符
        /// </summary>
        /// <param name="instr">要过滤的字符串</param>
        /// <returns>返回过滤后的字符串</returns>
        public static string LeachSqlFilterForSpecialChar(string instr)
        {
            string word = "%|&|*|#|@|=|\'|\"|;|>|<|-";
            foreach (string i in word.Split('|'))
            {
                if ((instr.ToLower().IndexOf(i + " ") > -1) || (instr.ToLower().IndexOf(" " + i) > -1) || (instr.ToLower().IndexOf(i) > -1))
                {
                    instr = instr.Replace(i,"");
                }
            }
            return instr;
        }

    }
}
